A cryptographically enforced data exchange is disclosed that enables an exchange of customer travel records between a plurality of travel providers while preserving customer privacy. The disclosed system receives customer travel data from publishers, and communicates a portion of the customer travel data to one or more subscribers in response to determining a customer match, without disclosing any protected data elements between the publisher and the subscriber.
2. The method of claim 1, wherein the protected information elements comprise personally identifiable information of a customer.
3. The method of claim 1, wherein the protected information elements comprise a customer identifier assigned by a publisher.
4. The method of claim 1, wherein the normalizing further comprises standardizing the received data prior to tokenizing the received data to facilitate matching of the tokenized data.
6. The method of claim 5, wherein the communication component does not receive the system hash key from the encryption service.
Claims 6 and 8, together with claims 27 to 31, define where the hashing keys live. The exchange does not hash protected data elements itself: the cryptographic component sends each element to a separate encryption service, which applies either the shared system hash key or the hash key belonging to the publisher that supplied the element, and returns only the resulting hash (claim 27). The keys stay inside the encryption service and its key management system; the communication component never receives the system hash key (claim 6) or any publisher hash key (claim 8), and the encryption service is hosted on a different server from the cryptographic component (claim 31). The security consequence is that a compromise of the exchange's own storage or messaging yields keyed hashes rather than unkeyed hashes that an attacker could reverse by precomputing digests of plausible names, e-mail addresses and phone numbers, and a subscriber who already holds a customer's PII cannot recompute that customer's token without the key. The caveat a reviewer should note is that the encryption service necessarily sees the plaintext element it is asked to hash, so it, not the matching or storage components, is the trust boundary for the protected data.
8. The method of claim 7, wherein the communication component does not receive the publisher hash keys associated with at least one of the one or more publishers from the encryption service.
11. The method of claim 10, wherein the confidence level is further determined based on element discounting and element match/unmatch weights.
Claims 10 to 12 (and the corresponding system claims 35 to 37) describe how a customer match is scored. Each protected data element of an incoming record is compared for an exact match against the corresponding element of a stored record, so matching is done on the tokenized values rather than on raw PII and tolerates no partial matches at the element level. The raw count of matching elements is then refined in two ways: element discounting scales each element's contribution by how reliable that element is as an identifier (a shared household phone number, for instance, says less than an e-mail address), and match/unmatch weights credit an element that agrees and debit an element that is present on both sides but differs. The result is a confidence level that reflects which elements agree, not merely how many; a customer match is declared when that level exceeds a selected threshold (claims 12 and 37). The weights, discounts and threshold are parameters the claims leave open, so the operating point between false matches (which would send one customer's travel records to a subscriber asking about a different customer) and missed matches is a deployment decision, not something the patent fixes.
12. The method of claim 10, further comprising determining a customer match based on the confidence level of a customer match exceeding a selected threshold.
14. The method of claim 13, wherein the attributing is performed in response to receiving the data from each of the publishers.
15. The method of claim 13, wherein the attributing comprises appending a publisher identification for each of the protected data elements.
17. The system of claim 16, wherein the communication component is further configured to receive subscription requests to receive service data for one or more customers from a plurality of third parties, wherein each third party is a publisher providing customer information for at least a portion of the one or more customers.
18. The system of claim 16, wherein each third party is a publisher providing customer information for at least a portion of the one or more customers; and wherein a subscription request is inferred in response to a publisher providing customer sets information.
19. The system of claim 16, wherein the one or more protected data elements and the one or more service records for a customer are received at substantially the same time from a publisher.
Claims 19 and 20 cover the two ways a publisher's data can arrive. A publisher supplies protected data elements (the customer's PII, claim 21, or a publisher-assigned customer identifier, claim 22) and service records (the customer's travel data). Claim 19 covers the case where both arrive together, in substantially the same submission; claim 20 covers the case where they arrive at different times and are associated afterwards. Either way the protected elements are tokenized on receipt, before they are written to the storage component (claims 23 and 24), so the association between a service record and a customer is maintained through tokens rather than through stored PII.
20. The system of claim 16, wherein the one or more protected data elements and the one or more service records for a customer are received at different times and subsequently associated.
21. The system of claim 16, wherein the one or more protected data elements comprise personally identifiable information of a customer.
Claim 21 states that the protected data elements include personally identifiable information of the customer: the names, contact details and similar identifiers that would let a subscriber recognize the customer directly. The remaining claims define how the exchange handles them. The normalization component standardizes and tokenizes them as soon as the communication component receives them and before they reach the storage component (claims 23 to 25); the cryptographic component has them hashed by the encryption service under the system hash key or a publisher hash key (claim 27); the attribution component records which publishers supplied each element (claims 40 and 41); the matching component compares only the tokenized elements (claim 35); and when a match is found, only service records, never the protected elements, are communicated to a third party (claim 38). A publisher can also restrict which elements of customer information may be shared at all (claim 44).
22. The system of claim 16, wherein the publisher protected data elements comprise a customer identifier assigned by a publisher.
23. The system of claim 16, wherein the normalization component is configured to tokenize the protected data elements in response to receipt of the protected data elements by the communication component.
24. The system of claim 23, wherein the normalization component is configured to tokenize the protected data elements before the protected data elements are stored to the storage component.
25. The system of claim 23, wherein the normalization component is further configured to standardize the protected data elements to facilitate matching of the tokenized protected data elements.
26. The system of claim 16, wherein the publisher protected data element is received from a publisher other than the publisher that created the publisher protected data element.
27. The system of claim 16, wherein the cryptographic component is configured to hash the protected data elements by communicating the protected data elements to an encryption service that hashes each protected data element using one of the system hash key or the publisher hash keys, and returns the hashed protected data elements.
28. The system of claim 27, wherein the encryption service further comprises a key management system, and is further configured to retrieve an encrypted publisher hash key from the key management system, decrypt the encrypted publisher hash key using a system key encrypting key maintained by the key management system of the encryption service, and hash the publisher protected data element using the decrypted publisher hash key.
Claim 28 describes an envelope-encryption arrangement inside the encryption service. Publisher hash keys are not held in the clear: each is stored encrypted, in an encrypted data store together with the system hash key (claim 29), and the key management system holds a system key-encrypting key (KEK) that can unwrap them. To hash a publisher's protected data element, the encryption service retrieves the encrypted publisher hash key, has the key management system decrypt it with the KEK, and then uses the decrypted key to hash the element. Two properties follow: compromising the encrypted key store alone yields nothing usable without the KEK, and a single publisher's key can be invalidated (claim 42) without touching the others. The practical caveat is that the unwrapped key exists in the encryption service's memory for the duration of each hashing operation, so the host running that service deserves the isolation claim 31 gives it.
29. The system of claim 28, wherein the key management system stores the system hash key and each publisher hash key in an encrypted data store.
30. The system of claim 27, wherein the system hash key and the publisher hash keys are not communicated to the system by the encryption service.
31. The system of claim 27, wherein the encryption service is hosted on a different server than the cryptographic component of the system.
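The hashing boundary of claims 27 to 31, with the restriction of claims 6 and 8 that the rest of the system never receives the hash keys, as an added Python example. This is not the patent's code or any product's code; it assumes an in-process `EncryptionService` class standing in for the separately hosted service, HMAC-SHA256 as the keyed hash (the claims say only "hash"), and the standardization rules shown for e-mail, phone and name, which are also assumptions. Only key identifiers and finished hashes cross the service boundary.

```python
import hashlib
import hmac
import re
import secrets
from typing import Dict, Optional


class EncryptionService:
    """Stand-in for the encryption service of claims 27-31 (added example).

    Keys are created and used only inside this object. There is no getter:
    callers receive key identifiers and hashes, never key material.
    """

    def __init__(self, system_key: Optional[bytes] = None) -> None:
        # Assumed: a deployment keeps these in a KMS on a separate host (claim 31);
        # here they are private attributes of the service object.
        self._hash_keys: Dict[str, bytes] = {"system": system_key or secrets.token_bytes(32)}

    def register_publisher(self, publisher_id: str) -> str:
        """Create a publisher hash key and hand back only its identifier."""
        key_id = f"pub:{publisher_id}"
        self._hash_keys[key_id] = secrets.token_bytes(32)
        return key_id

    def hash_element(self, key_id: str, element: str) -> str:
        """HMAC-SHA256 of one standardized element under the named key."""
        key = self._hash_keys.get(key_id)
        if key is None:
            raise KeyError(f"hash key {key_id!r} is unknown or has been invalidated")
        return hmac.new(key, element.encode("utf-8"), hashlib.sha256).hexdigest()

    def invalidate(self, key_id: str) -> None:
        """Destroy a publisher key so later hash requests under it fail (claim 42)."""
        if key_id == "system":
            raise ValueError("the system hash key is shared by every publisher")
        self._hash_keys.pop(key_id, None)


# Standardization applied before tokenizing (claims 4 and 25). These rules are
# assumptions for the example; the claims do not specify them.
def normalize_email(value: str) -> str:
    return value.strip().lower()


def normalize_phone(value: str) -> str:
    digits = re.sub(r"\D", "", value)
    return "1" + digits if len(digits) == 10 else digits  # assumed NANP default


def normalize_name(value: str) -> str:
    return " ".join(re.sub(r"[^\w\s]", "", value).casefold().split())


NORMALIZERS = {
    "email": normalize_email,
    "phone": normalize_phone,
    "name": normalize_name,
    "dob": str.strip,
}


def tokenize_record(svc: EncryptionService, key_id: str, record: Dict[str, str]) -> Dict[str, str]:
    """Standardize, then hash each element through the service.

    The field name is bound into the hash input so equal text in different
    fields (an e-mail used as a username, say) cannot produce equal tokens.
    """
    tokens: Dict[str, str] = {}
    for field_name, raw in record.items():
        normalized = NORMALIZERS.get(field_name, str.strip)(raw)
        tokens[field_name] = svc.hash_element(key_id, f"{field_name}:{normalized}")
    return tokens


if __name__ == "__main__":
    svc = EncryptionService()
    # Constructed sample submissions from two publishers describing one customer.
    airline = tokenize_record(svc, "system", {
        "email": " Jane.Smith@Example.COM ", "phone": "(415) 555-0142", "name": "Jane  Smith"})
    hotel = tokenize_record(svc, "system", {
        "email": "jane.smith@example.com", "phone": "+1 415-555-0142", "name": "jane smith"})
    print("tokens agree across publishers:", airline == hotel)
    # A publisher-assigned identifier (claim 4) is hashed under that publisher's own key.
    pub_key = svc.register_publisher("airline-1")
    print("publisher-scoped token:", svc.hash_element(pub_key, "customer_id:00042")[:16], "...")
    svc.invalidate(pub_key)
```

PII tokens are hashed under the shared system key so that two publishers' submissions for the same customer collide, which is what matching needs; a publisher-assigned identifier is hashed under that publisher's key, so it cannot be correlated by another publisher who happens to know it. Invalidating the publisher key makes the service refuse further hashes rather than silently continuing with a stale key.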
32. The system of claim 16, wherein the cryptographic component is further configured to encrypt at least a portion of a service record using a publisher data encryption key provided for the publisher that provided the service record; and to decrypt at least a portion of the service record using the publisher data encryption key prior to said service record being communicated to a third party.
33. The system of claim 16, wherein the storage component comprises a database.
34. The system of claim 16, wherein the storage component comprises durable storage.
Claims 33 and 34 only characterize the storage component: it can be a database and it provides durable storage, meaning the tokenized protected elements, their publisher attributions and the service records survive restarts and failures rather than living only in memory. Because what it holds is keyed hashes and service data rather than raw PII, durability does not by itself widen the exposure if the store is compromised, but the store does hold the publisher-to-customer associations, and the deletion behaviour of claim 42 (disassociating a publisher and removing elements no longer attributed to anyone) has to reach every durable copy for a publisher's deletion request to be effective.
35. The system of claim 16, wherein the matching component is further configured to perform an exact match on each element of the protected data elements and determine a confidence level of a customer match based on at least a number of matching elements.
36. The system of claim 35, wherein the matching component is further configured to determine the confidence level based on element discounting and element match/unmatch weights.
37. The system of claim 35, wherein the matching component is further configured to determine a customer match based on the confidence level of a customer match exceeding a selected threshold.
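The confidence scoring of claims 10 to 12 and 35 to 38, as an added Python example that is not the patent's code. The weights, discounts and threshold are assumed values chosen to illustrate the mechanism; the claims name the ingredients (exact element matches, element discounting, match/unmatch weights, a threshold) but give no numbers. The normalization of the score to [0, 1] and the treatment of absent elements as neutral are also design choices of this example.

```python
import hmac
from dataclasses import dataclass
from typing import Dict, Mapping, Tuple


@dataclass(frozen=True)
class ElementPolicy:
    match_weight: float      # credited when both tokens are present and equal
    unmatch_weight: float    # debited when both are present and differ
    discount: float = 1.0    # scales this element's contribution by its reliability


# Assumed weights for illustration; the patent gives none.
DEFAULT_POLICY: Dict[str, ElementPolicy] = {
    "email": ElementPolicy(0.5, 0.4),
    "phone": ElementPolicy(0.3, 0.2),
    "name": ElementPolicy(0.2, 0.1, discount=0.8),   # names are noisy, so discounted
    "dob": ElementPolicy(0.3, 0.3),
}


def confidence(a: Mapping[str, str], b: Mapping[str, str],
               policy: Mapping[str, ElementPolicy] = DEFAULT_POLICY) -> Tuple[float, int]:
    """Score two tokenized customer records.

    Every element present on both sides is compared for an exact match on its
    token (claim 35); match/unmatch weights and discounts are then combined
    (claim 36). Elements missing from either side are neither a match nor a
    mismatch. The score is divided by the best achievable score for the
    elements actually compared, so it lies in [0, 1]. Returns (score, matched).
    """
    score = 0.0
    best = 0.0
    matched = 0
    for element, pol in policy.items():
        ta, tb = a.get(element), b.get(element)
        if ta is None or tb is None:
            continue
        contribution = pol.match_weight * pol.discount
        best += contribution
        if hmac.compare_digest(ta, tb):          # constant-time token comparison
            score += contribution
            matched += 1
        else:
            score -= pol.unmatch_weight * pol.discount
    if best == 0.0:
        return 0.0, 0
    return max(score, 0.0) / best, matched


def is_customer_match(a: Mapping[str, str], b: Mapping[str, str], threshold: float = 0.6,
                      policy: Mapping[str, ElementPolicy] = DEFAULT_POLICY) -> bool:
    """Claims 12 and 37: a customer match when confidence exceeds the threshold."""
    return confidence(a, b, policy)[0] > threshold


def is_service_match(rec_a: Mapping[str, str], rec_b: Mapping[str, str],
                     characteristics: Tuple[str, ...] = ("flight", "date")) -> bool:
    """Claim 38: compare service characteristics between a pair of service records."""
    return all(rec_a.get(c) is not None and rec_a.get(c) == rec_b.get(c) for c in characteristics)


if __name__ == "__main__":
    # Constructed tokens; in the exchange these would be keyed hashes.
    stored = {"email": "t-email-1", "phone": "t-phone-1", "name": "t-name-1", "dob": "t-dob-1"}
    incoming = {"email": "t-email-1", "phone": "t-phone-1", "name": "t-name-9"}
    score, n = confidence(stored, incoming)
    print(f"confidence={score:.2f} matched={n} match={is_customer_match(stored, incoming)}")
    conflicting = dict(stored, email="t-email-9")
    score, n = confidence(stored, conflicting)
    print(f"confidence={score:.2f} matched={n} match={is_customer_match(stored, conflicting)}")
```

The second run in the demo has three of four elements agreeing but still falls well below the threshold, because the conflicting e-mail carries a large unmatch weight: counting matches alone would have declared a customer match and released the wrong customer's service records. Tuning those weights is where the privacy risk of this design actually sits.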
38. The system of claim 16, wherein the matching component is configured to determine a service match based on a comparison of at least one of service characteristic associated with at least a pair of service records; and wherein the communication component is further configured to, in response to determining a customer match and a service match, communicate at least a portion of the service record received from a publisher for the customer to the third party without disclosing any of the protected data elements between the publisher and the third party.
40. The system of claim 39, wherein the attribution component is further configured to attribute the protected data element to each of two or more publishers in response to receiving the protected data element from each of the two or more publishers.
41. The system of claim 39, wherein the attribution component is configured to attribute a protected data element to one or more publishers by appending a publisher identifier for each of the one or more publishers to the protected data element.
42. The system of claim 41, wherein, in response to receiving a request from a publisher to delete customer information provided by said publisher, the attribution component is further configured to disassociate said publisher from each element of the customer service data stored in the storage component, and delete each element of customer service data no longer associated with any publisher, and the cryptographic component is configured to invalidate the publisher hash key and the publisher data encryption key associated with said publisher.
44. The system of claim 16, wherein the communications component is further configured to receive permissions from the one or more publishers regarding the elements of the customer information that are permitted to be shared with third parties, and is further configured to selectively communicate the elements of the customer information to third parties based on the permissions.
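The attribution, deletion and permission behaviour of claims 40 to 44, as an added Python example that is not the patent's code. It assumes an in-memory `ExchangeStore` standing in for the storage, attribution and communication components, a `KeyRegistry` that records only whether a publisher's hash key and data encryption key are still active (the keys themselves are the encryption service's business), and tokens that have already been produced by the hashing step. The constructed sample data below is invented for the example.

```python
from dataclasses import dataclass, field
from typing import Dict, Iterable, List, Set


@dataclass
class ProtectedElement:
    token: str                                           # keyed hash of the PII, never the PII
    publishers: Set[str] = field(default_factory=set)    # attribution, claims 40 and 41


@dataclass
class ServiceRecord:
    publisher: str
    tokens: Dict[str, str]    # the protected elements this record belongs to
    data: Dict[str, str]      # the travel data itself


class KeyRegistry:
    """Per-publisher key state tracked by the cryptographic component: the
    publisher hash key (claim 27) and publisher data encryption key (claim 32)."""

    def __init__(self) -> None:
        self._active: Dict[str, Set[str]] = {}

    def provision(self, publisher: str) -> None:
        self._active[publisher] = {"hash", "dek"}

    def invalidate(self, publisher: str) -> None:
        self._active.pop(publisher, None)

    def is_active(self, publisher: str, kind: str) -> bool:
        return kind in self._active.get(publisher, set())


class ExchangeStore:
    def __init__(self, keys: KeyRegistry) -> None:
        self.keys = keys
        self.elements: Dict[str, ProtectedElement] = {}
        self.records: List[ServiceRecord] = []
        self.permissions: Dict[str, Set[str]] = {}   # claim 44: fields a publisher lets out

    def ingest(self, publisher: str, tokens: Dict[str, str], data: Dict[str, str],
               permitted: Iterable[str]) -> None:
        """Attribute every element to the supplying publisher; an element already
        seen from another publisher simply gains a second attribution (claim 40)."""
        if not self.keys.is_active(publisher, "hash"):
            raise PermissionError(f"{publisher} has no active keys")
        self.permissions[publisher] = set(permitted)
        for tok in tokens.values():
            self.elements.setdefault(tok, ProtectedElement(tok)).publishers.add(publisher)
        self.records.append(ServiceRecord(publisher, dict(tokens), dict(data)))

    def records_for(self, token: str) -> List[Dict[str, str]]:
        """What a subscriber receives for a matched customer: permitted service
        fields only, and never the protected elements themselves (claims 38, 44)."""
        out: List[Dict[str, str]] = []
        for rec in self.records:
            if token in rec.tokens.values():
                allowed = self.permissions[rec.publisher]
                out.append({k: v for k, v in rec.data.items() if k in allowed})
        return out

    def delete_publisher_data(self, publisher: str) -> int:
        """Claim 42: disassociate the publisher, drop elements nobody attributes
        any more, and invalidate the publisher's keys. Returns elements deleted."""
        for element in self.elements.values():
            element.publishers.discard(publisher)
        orphans = [tok for tok, element in self.elements.items() if not element.publishers]
        for tok in orphans:
            del self.elements[tok]
        self.records = [rec for rec in self.records if rec.publisher != publisher]
        self.permissions.pop(publisher, None)
        self.keys.invalidate(publisher)
        return len(orphans)


if __name__ == "__main__":
    keys, store = KeyRegistry(), ExchangeStore(KeyRegistry())
    store = ExchangeStore(keys)
    keys.provision("airline")
    keys.provision("hotel")
    # Constructed tokens T1..T3; T1 is the same customer e-mail seen by both publishers.
    store.ingest("airline", {"email": "T1", "phone": "T2"}, {"flight": "XX123", "fare": "450"}, {"flight"})
    store.ingest("hotel", {"email": "T1", "dob": "T3"}, {"property": "Downtown", "rate": "200"}, {"property", "rate"})
    print("shared element attributed to:", sorted(store.elements["T1"].publishers))
    print("subscriber view:", store.records_for("T1"))
    print("deleted after airline request:", store.delete_publisher_data("airline"))
    print("T1 now attributed to:", sorted(store.elements["T1"].publishers), "T2 kept:", "T2" in store.elements)
```

Note what the delete request does and does not remove: the e-mail token T1 survives because the hotel still attributes it, the phone token T2 is gone because nobody else supplied it, and the airline's records and keys are gone regardless, so a later ingest from the airline is refused until it is provisioned again.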
May 3, 2019
November 15, 2022